blob: e318e18397c6f2e53c95c073fa7e8d319232d841 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
|
---- From 00readme (slightly modified) ----
<What's Donkey?>
Donkey is an alternative for S/KEY's "key" command. The new feature that
the original key doesn't have is print an entry for skeykeys as
follows;
kazu 0099 al02004 115d83956f1089b6 Apr 26,1995 22:13:27
This means that donkey is also an alternative for "keyinit". Since the
entry is printed to stdout (not to /etc/skeykeys), you can easily send
it to remote operator by e-mail (with PGP signature or something). So,
it is possible to initiate S/KEY without logging in from the console of the
host.
The name "Donkey" is an acronym of "Don't Key".
<How to use Donkey>
(1) Calculate a One-Time-Password.
Execute Donkey with sequence and seed, then input your passphrase.
The -f option allows you to choose hash function from MD2, MD4, and MD5.
The default hash function is MD4 due to the historical reason.
(2) Calculate multiple One-Time-Passwords at once.
Use -n option.
Note that although "Enter passphrase" is printed out to stderr,
One-Time-Passwords go to stdout. So, you can redirect the output
safely.
(3) Print skeykeys entry.
Use -i option without argments. Then, enter login name, sequence and
seed. If you like default value, just type RET. Input your passphrase
twice to get the entry.
<Copyright>
Donkey conforms GNU GENERAL PUBLIC LICENSE Version 2 and is
Copyright (C) 1995 Kazuhiko Yamamoto
<kazu@is.aist-nara.ac.jp>
|
